dotws86260 2018-04-25 18:48
浏览 118
已采纳

LDAP过滤器:仅从给定日期开始更新用户

I have trouble setting up an Active Directory filter to synchronize a MySQL database containing all my users. And I can not create a filter that only retrieves users with an update date greater than a given date.

I tried using uSNChanged attribute on my filter but it returns me 0 result.

Any suggestion is welcome thanks to all

  • 写回答

1条回答 默认 最新

  • douou1891 2018-04-25 19:17
    关注

    You would search by the whenChanged attribute. Something like this:

    (&(whenChanged>=20180425150000.0-0400)(objectClass=user)(objectCategory=person))
    

    The format is pretty straight forward:

    {year}{month}{date}{hour}{minute}{seconds}.{milliseconds}-{timezone}
    

    For example, in my example above I used today's date at 3:00pm eastern.

    There are a couple caveats to keep in mind:

    1. The whenChanged attribute is not exactly the same on every domain controller, but they will be close (within a half hour). The reason is because of replication - the time is set to the time each DC received the change.
    2. When a user logs in, the lastLogon time is updated, and that triggers the whenChanged attribute to be updated. So just because whenChanged changes, it doesn't mean someone modified the account. This also means that this search will return more accounts than you may expect.
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 求差集那个函数有问题,有无佬可以解决
  • ¥15 【提问】基于Invest的水源涵养
  • ¥20 微信网友居然可以通过vx号找到我绑的手机号
  • ¥15 寻一个支付宝扫码远程授权登录的软件助手app
  • ¥15 解riccati方程组
  • ¥15 display:none;样式在嵌套结构中的已设置了display样式的元素上不起作用?
  • ¥15 使用rabbitMQ 消息队列作为url源进行多线程爬取时,总有几个url没有处理的问题。
  • ¥15 Ubuntu在安装序列比对软件STAR时出现报错如何解决
  • ¥50 树莓派安卓APK系统签名
  • ¥65 汇编语言除法溢出问题